GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 39
GitHub Actions: 38
Go: 2,635
Maven: 5,000+
npm: 4,262
NuGet: 760
pip: 4,057
Pub: 12
RubyGems: 956
Rust: 1,054
Swift: 45
Unreviewed advisories
All unreviewed: 5,000+
2,414 advisories
This issue was addressed with improved validation of symlinks. This issue is fixed in macOS...
High
Unreviewed
CVE-2025-24254 was published Apr 1, 2025
Privilege escalation vulnerability in the saTECH BCU firmware version 2.1.3. An attacker with...
High
Unreviewed
CVE-2025-2858 was published Mar 28, 2025
A vulnerability in the Trend Micro Apex One Security Agent Plug-in User Interface Manager could...
High
Unreviewed
CVE-2024-58104 was published Mar 25, 2025
Insecure permissions in kubeslice v1.3.1 allow attackers to gain access to the service account's...
High
Unreviewed
CVE-2024-53350 was published Mar 21, 2025
Insecure permissions in kuadrant v0.11.3 allow attackers to gain access to the service account's...
High
Unreviewed
CVE-2024-53349 was published Mar 21, 2025
Open WebUI Allows Admin Deletion via API Endpoint
High
CVE-2024-7039 was published for open-webui (pip) Mar 20, 2025
XWiki uses the wrong wiki reference in AuthorizationManager
High
CVE-2025-29924 was published for org.xwiki.platform:xwiki-platform-security-authorization-api (Maven) Mar 19, 2025
The Industrial theme for WordPress is vulnerable to unauthorized modification of data that can...
High
Unreviewed
CVE-2024-13376 was published Mar 14, 2025
The Post Meta Data Manager plugin for WordPress is vulnerable to multisite privilege escalation...
High
Unreviewed
CVE-2024-13835 was published Mar 8, 2025
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.1002 Application 20.0...
High
Unreviewed
CVE-2025-27639 was published Mar 5, 2025
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.933 Application 20.0.2368...
High
Unreviewed
CVE-2025-27644 was published Mar 5, 2025
A privilege escalation vulnerability in PocketBook InkPad Color 3 allows attackers to escalate to...
High
Unreviewed
CVE-2025-1424 was published Mar 4, 2025
The Templines Elementor Helper Core plugin for WordPress is vulnerable to privilege escalation in...
High
Unreviewed
CVE-2025-1295 was published Feb 27, 2025
The Bricks theme for WordPress is vulnerable to Privilege Escalation in all versions up to, and...
High
Unreviewed
CVE-2024-2297 was published Feb 27, 2025
Authenticated privilege escalation in NetScaler Console and NetScaler Agent allows.
High
Unreviewed
CVE-2024-12284 was published Feb 20, 2025
Symantec Diagnostic Tool (SymDiag), prior to 3.0.79, may be susceptible to a Privilege Escalation...
High
Unreviewed
CVE-2025-0893 was published Feb 19, 2025
CWE-269: Improper Privilege Management vulnerability exists for two services (of which one...
High
Unreviewed
CVE-2025-0327 was published Feb 13, 2025
An issue in Nothing Tech Nothing OS v.2.6 allows a local attacker to escalate privileges via the...
High
Unreviewed
CVE-2024-51440 was published Feb 13, 2025
A DLL hijacking vulnerability in the AMD Ryzen™ Master Utility could allow an attacker to...
High
Unreviewed
CVE-2024-21966 was published Feb 11, 2025
The Platform component of Mitel OpenScape 4000 and OpenScape 4000 Manager through V10 R1.54.1 and...
High
Unreviewed
CVE-2025-23093 was published Feb 6, 2025
Omnissa Horizon Client for macOS contains a Local privilege escalation (LPE) Vulnerability due to...
High
Unreviewed
CVE-2024-11467 was published Feb 5, 2025
With address book access, SMB/FTP settings could be modified, redirecting scans and possibly...
High
Unreviewed
CVE-2024-12511 was published Feb 3, 2025
The WooCommerce Customers Manager plugin for WordPress is vulnerable to Privilege Escalation due...
High
Unreviewed
CVE-2024-13343 was published Feb 1, 2025
A vulnerability in the NetExtender Windows client log export function allows unauthorized access...
High
Unreviewed
CVE-2025-23007 was published Jan 30, 2025